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CLAIMS: 

1 . A system for managing security domains, the system comprising:- 

a plurality of security domains, each domain comprising at least one 
network having a plurality of managed nodes provided therein; 

at least one management node located in one of said plurality of security 
domains for controlling operation of said plurality of managed nodes in 
said one security domain; and 

a firewall located external of said one security domain which is 
operationally linked to the management node in said one security domain, 
the firewall linking said management node with said plurality of managed 
nodes in said plurality of security domains. 

2. A system according to claim 1 , wherein the firewall controls the network 
traffic by examining the source of the traffic, the destination of the traffic, 
and the operational content contained within that traffic. 

3. A system according to claim 1 or 2, wherein the firewall converts one 
management protocol to another. 

4. A system according to any one of claims 1 to 3, wherein the firewall hosts 
Simple Network Management Protocol (SNMP). 

5. A system according to claim 4, wherein, when the managing security 
domain hosts one version of SNMP and at least one of the managed 
security domain hosts another version of SNMP, the firewall converts one 
version of SNMP to another. 

6. A system according to claim 5, wherein the managing security domain 
hosts several versions of SNMP and the managed security domains hosts 
less secure versions of SNMP. 
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7. A system according to claim 5 or 6, wherein the firewall converts SNMPv3 
on the managed security domain to SNMPv2c on the managed security 
domains. 

8. A system according to any one of claims 1 to 3, wherein the firewall hosts 
a subset of Internet Control Management Protocol (ICMP). 

9. A system according to any one of the preceding claims, wherein the 
firewall prevents communication between one managed security domain 
and any other managed security domain. 

10. A system according to any one of preceding claims, wherein the firewall 
controls access of information by each node in a managed security 
domain, 

11. A method of centralising access control information on managed nodes in 
a system for managing security domains according to any one of the 
preceding claims. 

12. A system for managing security domains substantially as hereinbefore 
described with reference to the accompanying drawings. 



